> Trying to do it on Google, with a serious effort, that's the wacky part

If I were the FBI, I'd be looking at people with recently bought Google puts expiring soon. I can't imagine anyone taking a swing at Google infra "for the lulz". Also in contention: nation-states doing a practice run.

That's because you don't think like a 16 year old

This is exactly the kind of things that a smart kid who's still just a foolish highschool student would do. I wouldn't be surprised if this attack already exists in the wild, it's not hard to write

Also the subsequent attacks were less effective, that's exactly what some kid would be doing.

You don't even need an expansive botnot. A rich kid whose parents are in neighborhoods with residential fiber with a bunch of friends could probably coordinate it through a discord server

Most of us really don't interact with teenagers regularly so we forget they're out there (they also tend to dislike adults so they make themselves especially invisible around us). When it comes to things like this, that's my first assumption until further evidence.

Merely teenaged graffiti for the digital age.

Google infra is attacked with large scale DDoS type attacks literally multiple times a day. They’re usually a nothingburger.

Google options with near expiries have 100s of thousands of contracts of open interest[1]. Unless you found the person some other way (and then could prove that they had also gone long a short-dated put to try to profit) there's literally no way you find anything interesting by doing that.

[1] Add up the "Open int" numbers here https://www.nasdaq.com/market-activity/stocks/goog/option-ch...

Google is rarely the target of intentional attacks. Their cloud customers are the intended victims.